Conditional Access to certain web pages only: Apache JBoss

Forum Moderators: phranque

Message Too Old, No Replies

Conditional Access to certain web pages only: Apache JBoss

ip address restiction for Apache + jboss setup, conditional access to pages

rommel

6:28 pm on Jun 11, 2012 (gmt 0)

Hi All,

Googled for this specific scenario but could not come to a consensus on the solution so checking with this mailing list.

I need to do the following:

1. Allow access to only a few web pages from only a few IP adresses. Its not a domain wide restriction but only to select few pages.

2. The web pages being requested could reside in jboss or in htdocs. Main requirement is to avoid hit to the app server for IP address check and make the decision to block or allow requests at the Apache httpd server layer itself.

3. If request is to be blocked a custom page needs to be shown with an appropriate message.

4. The custom page to be shown for unauthorized access would differ based on the page requested for.

5. I considered configuring the <Directory ...> in httpd.conf and .htaccess files but that does not seem to provide the detailed access control noted above.

6. Is it possible to make such changes and have them reflected without a server (apache httpd) restart?

Thanks,
Rommel

g1smd

6:38 pm on Jun 11, 2012 (gmt 0)

A set of conditional RewriteRules in htaccess will do it.

You'll need to be very precise in defining which requested URLs will be affected, what factors will switch the alternative functionality and where the real and replacement content actually resides within the server filesystem.

Also important, which content version will be returned to searchengine bots.

lucy24

9:57 pm on Jun 11, 2012 (gmt 0)

I considered configuring the <Directory ...> in httpd.conf and .htaccess files but that does not seem to provide the detailed access control noted above.

If you've got access to your config file, use it. htaccess is essentially a slower version of <Directory> for people who can't use the config file. And they're mutually exclusive; you can't say <Directory> in htaccess. Put the htaccess in the directory where you want its rules to apply.

Requests don't look sideways. If directories /a/ and /b/ are parallel-- neither one is a descendant of the other-- then requests headed for /a/ will never see rules restricted to /b/.

otoh if it's important to be able to make changes without restarting the server, then htaccess is the way to go. Changes are instant. Just make sure you're using a directory's physical location, which may be different from its URL.

rommel

4:52 am on Jun 12, 2012 (gmt 0)

@g1smd and @lucy24

Many thanks for these inputs. I will try these out.

rommel

5:42 pm on Jun 13, 2012 (gmt 0)

Thanks.

<files> or <filesMatch> in .htaccess

did the work.